Commit 462fca2

smcv authored and alexlarsson committed
run: Don't allow chroot()
If we don't allow pivot_root() then there seems no reason why we should allow chroot().

Partially fixes GHSA-67h7-w3jq-vh4q.

Signed-off-by: Simon McVittie <smcv@collabora.com>
1 parent 1330662 commit 462fca2

1 file changed: +1 -0 lines changed

Diff for: common/flatpak-run.c

@@ -2937,6 +2937,7 @@ setup_seccomp (FlatpakBwrap *bwrap,
29372937
{SCMP_SYS (umount), EPERM},
29382938
{SCMP_SYS (umount2), EPERM},
29392939
{SCMP_SYS (pivot_root), EPERM},
2940+
{SCMP_SYS (chroot), EPERM},
29402941
#if defined(__s390__) || defined(__s390x__) || defined(__CRIS__)
29412942
/* Architectures with CONFIG_CLONE_BACKWARDS2: the child stack
29422943
* and flags arguments are reversed so the flags come second */
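
Review bot: the added `{SCMP_SYS (chroot), EPERM},` entry carries no comment saying why chroot() is denied; the reasoning (parity with the pivot_root() rule directly above it) lives only in the commit message. A one-line comment on this group of entries (umount, umount2, pivot_root, chroot) would keep the rationale next to the rule, so a later edit to the list does not drop one of them without noticing the dependency. Because the message says this only partially fixes GHSA-67h7-w3jq-vh4q, it would also help to name in the message what remains open, and to accompany the rule with a test asserting that chroot() from inside the sandbox fails with EPERM.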
